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[57] ABSTRACT 

The present invention is a portable client PDA with a touch 
screen or other equivalent user interface and having a 
microphone and local central processing unit (CPU) for 
processing voice commands and for processing biometric 
data to provide user verification. The PDA also includes a 
memory for storing financial and personal information of the 
user and I/O capability for reading and writing information 
to various cards such as smartcards, magnetic cards, optical 
cards or EAROM cards. The PDA includes a Universal 
Card, which is common generic smartcard with a unique 
imprint provided by a service provider, on which selected 
financial or personal information stored in the PDA can be 
downloaded to perform certain consumer transactions. The 
PDA includes a modem, a serial port and/or a parallel port 
so as to provide direct communication capability with 
peripheral devices (such as POS and ATM terminals) and is 
capable of transmitting or receiving information through 
wireless communications such as radio frequency (RF) and 
infrared (IR) communication. The present invention is pref- 
erably operated in two modes, i.e., a client/server mode and 
a local mode. The client/server mode is periodically per- 
formed to download a temporary digital certificate (which is 
necessary to access selected information stored in the PDA 
and to write such information to the Universal Card) from a 
central server of the service provider of the PDA and 
Universal Card. Next, the local mode of operation is per- 
formed by providing the PDA with biometric data and 
selecting one of the pre-enrolled credit cards that are stored 
in the PDA. Upon biometric verification, the Universal Card 
is written with the selected card information, which is then 
used to initiate a consumer transaction. In the absence of an 
unexpired digital certificate, however, the selected card 
information will not be written to the Universal Card, 
notwithstanding that the user may have passed local bio- 
metric verification. 

20 Claims, 5 Drawing Sheets 
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PORTABLE INFORMATION AND Another disadvantage in using financial cards is that 

TRANSACTION PROCESSING SYSTEM AND consumers are not fully protected from the unauthorized use 

METHOD UTILIZING BIOMETRIC of lost or stolen cards. For example, a merchant can confirm 

AUTHORIZATION AND DIGITAL the ownership of a credit card during a consumer transaction 

CERTIFICATE SECURITY 5 by comparing the authorized signature that is (or should be) 

written on the back of the credit card with the signature of 

This application is based on a provisional application the person signing the credit card receipt. Realistically, 

Ser. No. 60/055,418, filed on Aug. 11, 1997. merchants generally do not compare these signatures during 

BACKGROUND OF THE INVENTION such a transaction > ™ d even if ^ey do, they may not 

10 compare such signatures with the level of scrutiny or skill 

The present invention relates to a portable information nee ded to distinguish minor differences between the con- 

and transaction processing system and method and, more sumer's signature and the unauthorized user's forged sig- 

particularly, to a portable information and transaction pro- nature Therefore, during the period of time between the 

cessing system and method which utilizes digital certificate the consumer ' s credit card is lost or stolen and the time 

security and biometric authorization to provide personal 15 me consumer realizcs such loss or mcft and cancels the 

verification prior to processing user requested financial account, an unauthorized user who has found or stolen the 

transactions and providing personal information. card may charge a substantial amount of money to the 

It is now widely accepted in the domestic consumer consumer's card, leaving the consumer with the burden of 

market that purchasing or selling goods or services with having to dispute such unauthorized charges with the finan- 

credit cards at point of sale (POS) terminals, as well as 2 o cial institution, 
performing electronic transfer of funds at automated teller 

machine (ATM) terminals using ATM cards, is more efficient SUMMARY OF THE INVENTION 

than using cash to pay for goods or services or paying debts. r , - c «. . f , u . . ... 

TT . & , r 3 b r , \ J fo It is therefore an obi ect of the present invention to provide 

Utilizing cash as a means for purchasing goods or paymg a b[e information and ttansactiori vrocessiDg device 

debts is generally viewed as burdensome for several reasons, A( , , . . ,„ j(IinAJA • . ■ . 

_. A . & J r . , „ ( personal digital assistant or PDA ) in which a user can 

First, in terms of accounting the consumer must manually ^ re ^ of ^ ^ ^ ^ cafd ^ ^ ^ ( . 

generate records and reconcile his or her accounts to keep informati as we „ as ^ information ; and 

track of such cash transactions. By utilizing a credi card ^ access ^ ^ information tQ , smartcard 

■ssued by a financial institution however consumer trans- ( « Universal Car<n which is then ^ to initiate a pos 

actions are recorded by such financial institution and 30 \™ , _ m „„, m „ 

. . \ A . iL1 ^ u ATM, or consumer transaction, 

accountings are provided to the consumer on a monthly ' 

basis, which provides improved accounting and reconcilia- " » another object of the present invention to provide a 

^ on PDA device which utilizes biometric security to provide user 

T * * . . « . r. . „ . ,i -m verification prior to accessing and writing the selected 

In addition, using cash is a financially insecure method for ,, . . J , . c f. A it _ TT & . , „ , 

. & * * t j j *u ^ i financial and personal information to the Universal Card, 

protecting consumers against fraud and theft. For example, 35 r 

if a consumer believes that he or she has been sold an It is yet another object of the present invention to provide 

inferior or over-priced product, which frequently occurs a PDA device with di S ital certificate security, whereby the 

during quick consumer transactions where the consumer user is required to periodicaUy download a temporary digital 

may not have adequate time to reflect on the purchase until certificate from a central server of the service provider of 

some time after such purchase, it is much easier for the 40 such Uiuversal Card mto the PDA device prior to accessing 

consumer to contact the financial institution to stop payment ^ writm S ^ ^ ciGd financial and P ersonal infonnation 

on goods purchased using a credit card than it is for the user t0 Universal Card. 

to recover cash from the merchant from whom such goods K is still another object of the present invention to provide 

were bought. Moreover, it is virtually impossible for a a P °A device with digital certificate security which is 

consumer to recover cash that has been stolen or lost. On the 45 compatible with the current infrastructure (i.e., immediately 

other hand, if the consumer's credit cards are stolen or lost, employed without having to change the existing 

the consumer can contact the corresponding financial insti- infrastructure) and which brings biometric security to elec- 

tution to cancel such cards and obtain new credit card tronic data transfer systems that are currently unable to 

accounts. perform biometric verification. 

Accordingly, there is a strong trend today in moving 50 It is yet another object of the present invention to provide 

towards a "cashless society," which has caused a substantial . a PDA device with digital certificate security which can be 

increase in the use of credit cards, ATM cards and direct extended to all applications or systems wherein magnetic 

debit cards (collectively, "financial cards") for performing and/or smartcards are used such as access control cards for 

consumer transactions. Notwithstanding the perceived ben- accessing a device service or building, cash cards for per- 

efits of using financial cards rather than cash, there exists 55 forming ATM transactions, calling cards or cellular cards 

several disadvantages in using these cards. For example, if (for e.g., GSM (Group Special Mobile) digital cellular 

the consumer frequently uses a significant number of finan- mobile radio system) for making telephone calls and 

cial cards, the consumer must physically possess all such employee cards for accessing confidential information, 

cards in order to access a desired account. Having to carry In one aspect of the present invention, a portable infor- 

such a large number of financial cards can be extremely 60 mation and transaction processing device, comprises: central 

burdensome to the consumer since a substantial amount of processing unit for controlling the functioning and for 

space is occupied by these cards in the consumer's wallet or processing a plurality of operations of the device; memory 

purse. Moreover, if the wallet or purse is lost or stolen, the means, operatively coupled to the central processing unit, 

consumer must contact the financial institution for each for storing financial and personal information and for storing 

financial card to cancel the account so as to prevent an 65 a temporary digital certificate; communication means, 

unauthorized user from transacting business with such cards, operatively coupled to the central processing unit, for estab- 

which is also a burdensome task. fishing a communication link with a central server at a 
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remote location to obtain the temporary digital certificate; 
user interface means, operatively coupled to the central 
processing means, for initiating at least one of the plurality 
of operations of the device and selecting a portion of one of 
the financial and personal information from the memory 
means; a universal card, detachably coupled to the central 
processing unit, for receiving the selected portion of one of 
the financial and personal information; and programming 
means, operatively coupled to the central processing unit 
and responsive to the temporary digital certificate, for writ- 
ing the selected portion of one of the stored financial and 
personal information to the universal storage card, whereby 
the programming means is prevented from writing the 
selected portion of one of the financial and personal infor- 
mation to the universal card when the temporary digital 
certificate is invalid. 

The present invention is a portable client PDA with a 
touch screen or other equivalent user interface, which 
includes a microphone and a local central processing unit 
(CPU) for processing voice activated commands and for 
processing biometric data to provide biometric verification 
of a user. The present invention includes a memory for 
storing financial and personal information of the user and 
I/O capability for writing and reading information to and 
from various cards such as smartcards, magnetic cards, 
optical cards or EAROM (electrically alterable read-only 
memory) cards. The present invention includes a Universal 
Card, which is a common generic smartcard with a unique 
imprint (i.e., an account number) provided by a service 
provider, on which selected financial or personal informa- 
tion stored in the PDA can be downloaded to perform 
various transactions. The PDA prefer ably includes a modem 
and a serif 1 port and/or a parallel port so as to provide direct 
communication capability with peripheral devices. The PDA 
is also capable of transmitting or receiving information 
through wireless communications such as radio frequency 
(RF) and infrared (IR) communication. 

The present invention is preferably operated in two 
modes, i.e., a client/server mode and a local mode. The 
client/server mode is periodically performed to download a 
temporary digital certificate from a central server of the 
service provider of the PDA and Universal Card. The 
client/server mode is performed by establishing communi- 
cation between the PDA and a central server of the service 
provider via modem or wireless communication. Once com- 
munication is established, the central server verifies the user 
either biometrically or through PIN or password or a com- 
bination thereof, and then generates a temporary digital 
certificate which is downloaded into the PDA. A temporary, 
unexpired digital certificate is necessary to access selected 
information stored in the PDA and write such information to 
the Universal Card. 

Next, the local mode of operation of the PDA is per- 
formed to initiate a consumer transaction. Preferably, in the 
local mode, the user selects one of the pre-enrolled credit 
cards that are stored on the PDA by stating a verbal 
command into the microphone of the PDA, whereby the 
CPU processes the verbal command and performs user 
verification. Alternatively, user verification (i.e, local 
verification) may be performed by using either biometric 
data, PIN or password, or a combination thereof. Upon local 
verification, the selected information is retrieved from 
memory and written to the Universal Card which is then 
available to commence a transaction. In the absence of an 
unexpired digital certificate, however, the selected informa- 
tion will not be written to the Universal Card notwithstand- 
ing that the user may have passed local verification. 
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The present invention advantageously eliminates the bur- 
den of having to carry a multitude of financial cards and/or 
credit cards that a user may frequently utilize. The financial 
information for each card may be stored in the PDA and 
written to the Universal Card when needed. If the Universal 
Card is lost or stolen, the user will only have to contact the 
service provider to cancel and reissue a new account. In 
addition, due to the biometric and digital certificate security 
which protects against the unauthorized access to the user's 
financial and personal information, a lost or stolen Universal 
Card is useless to an unauthorized user. 

Further, the present invention may be immediately 
employed without the need for changes in the existing 
infrastructure since the PDA and Universal Card may be 
utilized with any system which utilizes magnetic cards or 
smartcards for electronic data transfer such as point of sale 
(POS) terminals or automated teller machines (ATM) which 
provide direct debit capability. 

These and other objects, features and advantages of the 
present invention will become apparent from the following 
detailed description of illustrative embodiments, which is to 
be read in connection with the accompanying drawings. 

BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 is a block diagram illustrating elements of a 
portable information and transaction processing device 
according to an embodiment of the present invention; 

FIGS. 2a and 2b are diagrams of the Universal Card 
according to an embodiment of the present invention; 

FIG. 3 is a block diagram showing the interaction of the 
portable information and transaction processing device in 
connection with processing a transaction according to the 
present invention; 

FIG. 4 is a flow diagram illustrating the client/server 
mode of operation in accordance with the present invention; 

FIG. 5 is a flow diagram illustrating the local mode of 
operation in accordance with the present invention; and 

FIG. 6 is a flow diagram illustrating another local mode 
of operation in accordance with the present invention. 

DETAILED DESCRIPTION OF PREFERRED 
EMBODIMENTS 

It is to be understood that same or similar components 
illustrated throughout the figures are designated with the 
same reference numeral. It is to be further understood that 
the elements or functional modules described herein in 
accordance with the present invention may be implemented 
in various forms of hardware, software, or a combination 
thereof. Preferably, the main biometric verification elements 
and speech recognition elements are implemented in soft- 
ware and may include any suitable and preferred processor 
architecture for practicing the invention by programming 
one or more general purpose processors. It is to be further 
understood that, because some of the components of the 
invention described wherein are preferably implemented as 
software modules, the actual connections shown in the 
figures may differ depending upon the manner in which the 
invention is programmed. Of course, special purpose pro- 
cessors may be employed to implement the invention. Given 
the teachings of the invention herein, one of ordinary skill in 
the related art will be able to contemplate these and similar 
implementations of the elements of the invention. 

Referring initially to FIG. 1, a block diagram illustrating 
elements of the portable information and transaction pro- 
cessing (PDA) device 10 according to an embodiment of the 



12/2/04, EAST Version: 2.0.1.4 



6,016,476 



present invention is shown. The heart of the device is a 
central processing unit (CPU) 12, which controls the opera- 
tions of the PDA device 10 via programs stored in a memory 
14 and executed by the CPU 12. Specifically, the CPU 12 
includes an acoustic processor module 16 for processing 
voice commands inputted into the PDA device 10 through a 
microphone 18. The acoustic processor module 16 is also 
used for performing local speaker verification. The CPU 12 
also includes a digital certificate processor module 20, for 
processing a digital certificate obtained in the client/server 
mode of operation (to be discussed in detail below), and a 
biometric processor module 22 for processing biometric data 
in addition to, or alternative to voice data, to provide user 
verification. The CPU 12 further includes an encrypter/ 
decrypter module 24 for encrypting the personal and finan- 
cial information before being stored in memory 14 and for 
decrypting such information when accessed by the user. 
Although the illustrative embodiment herein shows the CPU 
12 comprising the digital certificate module 20, the 
encrypter/decrypter module 24, the acoustic processor mod- 
ule 16 and the biometric processor module 22, it is to be 
understood that such modules may also be implemented as 
special purpose modules each having a processor, associated 
memory and stored programs for performing such functions. 

The PDA device 10 includes a smartcard reader/writer 26 
(as is known in the art) for reading and writing information 
to and from various cards, e.g., magnetic cards, IC cards 
and/or EAROM cards (using known standards and 
techniques). During the local mode of operation of the PDA 
device 10, a Universal Card 26 of the present invention is 
inserted into the smartcard reader/writer 30 and, upon user 
verification, selected financial or personal information is 
written to the Universal Card 26. When not in use, the 
Universal Card 26 may be stored in a smartcard storage 
compartment 32 of the PDA device 10. 

The PDA device 10 includes a user interface/display 34, 
which is preferably a liquid crystal display (LCD) touch 
screen display (or equivalent user interface), for displaying 
and/or inputting data associated with the operations or 
functions of the PDA device 10. Alternatively, the interface/ 
display 24 may be comprised of a keyboard and a conven- 
tional LCD display. Additionally, the PDA device 10 may 
audibly communicate with or request information from the 
user through a speaker 26 which is operatively connected to 
the CPU 12 via a text-to-speech converter 38. The text-to- 
speech converter 38 converts signals from the CPU 12 into 
synthesized speech which is then heard through the speaker 
36. The PDA device 10 may be configured to simultaneously 
display such information along with generating the synthe- 
sized speech. Furthermore, the PDA device 10 may operate 
without a display (or a limited display) and rely on the 
text-to-speech functions to communicate information to the 
user of such device. 

A biometric sensor 40 of any conventional type may also 
be provided for collecting biometric data (other than voice 
data which is received by the microphone 18) such as a 
finger, thumb or palm print, a handwriting sample, a retinal 
vascular pattern, or a combination thereof, to provide bio- 
metric verification as an alternative to, or in addition to, 
voice biometric verification. This data is then processed by 
the biometric processor module 22 to provide user verifica- 
tion (i.e., biometric security) prior to accessing the financial 
and personal information stored in memory 14. It is to be 
appreciated by one of ordinary skill in the art that the 
biometric verification features of the PDA device may be 
replaced or supplemented with a PIN (personal identification 
number) or password to provide user verification. 
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The PDA device 10 may preferably be equipped with 
various communication ports such as a serial port 42 and a 
parallel port 44 (utilizing known computer interface 
standards), operatively coupled to the CPU 12, as well as a 
telephone line interface 46 (using a known interface 
connections), to provide means for establishing a commu- 
nication link between the PDA device 10 and other periph- 
eral devices such as computers, modems and printers. For 
establishing wireless communication, the device may pref- 
erably be equipped with an RF processor module 48, opera- 
tively connected between the CPU 12 and an RF port 50, for 
processing incoming RF information received by the RF 
port 50, and for generating transmission signals which are 
outputted from the RF port 50 using conventional construc- 
tions and techniques. The device may also be equipped with 
an IR processor module 52, operatively connected between 
the CPU 12 and an IR port 54, for processing incoming 
optical information and for generating output optical signals 
using conventional constructions and known techniques. 
Preferably, the PDA device 10 includes a DTMF (dual tone 
multi-frequency) processor module 56 and a modem 58, 
operatively coupled between the CPU 12 and the telephone 
line interface 46. Communication of financial information 
may be accomplished via modem communication and/or 
DTMF tone communication on a telephone line, using 
known methods. DTMF communication may be used for 
processing PINs for user verification and authorization. 

Referring now to FIGS. 2a and 2b, diagrams of the 
Universal Card 26 according to an embodiment of the 
present invention are shown. The Universal Card 26 is 
essentially a generic smartcard which includes either a 
magnetic band 28 (FIG. 2d) or integrated chip (IC) 29 (FIG. 
2b) y or both, for storing the selected information which is 
retrieved from the memory. 14 and written to the Universal 
Card 26 through the smartcard reader/writer 30 during the 
local mode of operation of the PDA device 10. The Univer- 
sal Card 26 (issued by a service provider) contains a unique 
Universal Card number 27 imprinted thereon, which corre- 
sponds to the designated user account number provided by 
the service provider (which is analogous to the account 
number provided on a credit card or ATM card). 

As more fully discussed below, the Universal Card num- 
ber 27 may be utilized to provide user verification in 
consumer POS transactions utilizing a traditional mechani- 
cal sweeper instead of a magnetic sweeper which is capable 
of magnetically reading the magnetic band 28 of the Uni- 
versal Card 26. The unique Universal Card number 27 may 
also be used for to provide user verification in instances 
where consumer transactions are performed remotely over a 
telephone. In such instance, as explained below, an autho- 
rization number, which is unique to the current digital 
certificate, will be displayed on the PDA device 10 upon user 
verification. The authorization number, together with the 
unique Universal Card number 27, may be used to verify the 
user. 

Referring to FIG. 3, a block diagram illustrating the 
interaction of the PDA device 10 in connection with pro- 
cessing a transaction according to the present invention is 
shown. The user of the PDA device 10 and Universal Card 
26 (FIGS. 1 and 2) must first perform an enrollment proce- 
dure with a service provider. Enrollment involves obtaining 
a Universal Card 26 with a designated account number (i.e., 
the unique imprint 27 on the Universal Card 26) and 
providing the service provider with the user's credit card or 
ATM card information so that such information can be 
verified with the financial institutions 70 that issued such 
cards. This information is then stored on a central server 60 
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of the service provider. The user may then subsequently 
download such information into the PDA device 10 by 
establishing a communication link (LI) with the central 
server 60. Alternatively, the credit cards or ATM cards may 
be loaded into the PDA device 10 by directly reading 5 
information contained on such cards through the smartcard 
reader/writer 30 of the PDA device 10. In such a situation, 
the PDA device 10 will compare the user ID of the credit 
cards with the user ID of the PDA device to verify the user 
so as to prevent a user from downloading the information 10 
from cards owned by another person into the user's PDA 
device 10. In the event that the PDA device is unable to 
verify the owner of a card which is being directly down- 
loaded via the smartcard reader/writer 30 (i.e., the card does 
not contain the name of its owner), the user will be required 15 
to enroll the card by providing the service provider with the 
card information (to obtain verification from the appropriate 
financial institution) and then connect to the central server 
60 to download the card information. 

Enrollment also involves providing the service provider 20 
with personal information such as the user's social security 
number, address, maiden name and date of birth, which is 
stored on the central server 60. Such information is then 
used to verify the user during the client/server mode prior to 
the issuance of a digital certificate. A personal identification 25 
number PIN and the Universal Card 26 with a unique 
account number 27 is provided by the service provider. This 
information, as well as biometric data such as voice prints 
(models) of the user, are also stored in central server 60 of 
the service provider for user verification during the client/ 30 
server mode to obtain a digital certificate (to be discussed in 
detail below). The central server 60 is a computer which is 
programmed to perform the functions described herein such 
as biometric verification, speech recognition and generating 
and downloading a temporary digital certificate. 35 

Referring to FIGS. 1, 3 and 4, the client/server operating 
mode of the present invention is now described. As indicated 
above, the user must periodically connect the PDA device 10 
with the central server 60 of the service provider (Link LI, 
FIG. 3) in order to obtain a valid digital certificate from the 40 
central server 60 prior to initiating a consumer transaction. 
Specifically, the digital certificate is binary encrypted file 
that must be downloaded into the PDA device 10 before 
personal or financial information of the user can be written 
to the Universal Card 26. The digital certificate contains 45 
information relating to (but not limited to) the account 
number of the PDA device 10, the date on which the digital 
certificate was authenticated and its expiration date, as well 
as any constraints which exist for each enrolled card. The 
digital certificate is stored in the memory 14 of the PDA 50 
device 10. Prior to the execution of a transaction (i.e., 
downloading selected card information from the memory 14 
to the Universal Card 26), the digital certificate is decrypted 
by the encrypter/decrypter module 24 and loaded into the 
digital certificate processor module 20 wherein it is pro- 55 
cessed to determine if it is valid. 

In order to obtain the digital certificate, the user must 
establish a communication fink (Link LI, FIG. 3) with the 
central server 60 of the service provider (step 100, FIG. 4). 
Communication may be established by dialing into the 60 
central server 60 through a telephone line via the modem 58 
and telephone fine interface 46. It is also contemplated by 
the present invention that communication may be estab- 
lished with the central server 60 through a digital commu- 
nication channel such as internet, intranet or local area 65 
network. Alternatively, communication between the PDA 
device 10 and the central server 60 may be established 
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through wireless communications, e.g., via the RF port 50 
and the RF processor module 48. Further, the PDA device 10 
may be connected to the central server via a special ATM (or 
other such kiosks) which uses intranet and TCP/IP to con- 
nect to the central server 60. It is to be understood that the 
PDA device 10 may be operatively linked to the kiosk either 
directly (e.g., via serial or parallel ports 42 and 44) or 
through wireless communication via the RF port 50 or the IR 
port 53. As demonstrated above, it is to be appreciated by 
one of ordinary skill in the art that the central server 60 of 
the present invention is accessible through any conventional 
communication channel. 

Once communication has been established, the user is 
prompted (either by text on the user interface/display 34 or 
verbally through the text-to-speech converter 38 and speaker 
36) to enter certain verification data (step 102). Such data is 
then transmitted to the central server 60 via the communi- 
cation link LI. Specifically, the central server 60 may ask the 
user a series of questions (which are randomly chosen from 
the totality of questions asked and answered during the 
enrollment process). Such questions are received by the 
CPU 12 of the PDA device 10 and either displayed on the 
user interface display 34 or sent to the text-to-speech con- 
verter 38, where they are converted to synthesized speech 
and audibly transmitted to the user through the speaker 36. 
The central server 60 may also prompt the user to enter the 
PIN that was issued to the user during the enrollment 
process. 

If such requested verification data is not provided within 
a predetermined time (step 104), the central server 60 will 
automatically disconnect the communication link LI, and a 
digital certificate will not be downloaded (step 106). On the 
other hand, if the user enters the requested verification data 
in timely manner (step 104), the central server 60 will 
process such data (step 108). The user may provide the 
requested verification data by providing answers to the 
questions by speaking into the microphone 18. The audio 
signals are then received by the CPU 12 and then directed to 
the acoustic processor module 16, wherein the user's 
answers are processed and transmitted to the central server 
60 via the communication link LI. In addition, the user may 
enter his or her assigned PIN through the user interface 
display 34. This PIN is then processed by the DTMF 
processor module 56 to generate corresponding tone signals 
which are received and processed by the central server 60. 
Preferably, the PIN can be provided by stating, e.g., "My pin 
number is 3456" into the microphone 18, wherein the audio 
signals are processed by the acoustic processing module 16, 
and then transmitted to the central server 60 via the estab- 
lished communication link LI. 

While the user is entering the requested verification data, 
the central server 60 begins processing the verification data 
(step 108). Specifically, the central server 60 will perform 
speaker verification to compare the user voice models that 
were processed and compiled by the CPU 12 of the PDA 
device 10 with the user's voice prints that were stored in the 
central server 60 during the enrollment process. Further, the 
central server 60 compares the answers given by the user 
with the answers provided during the enrollment process to 
determine if they match. The central server 60 may also 
verify whether the PIN entered by the user corresponds to 
the PIN that was issued during the enrollment process. If, 
after processing the verification data, the central server 60 
determines that the user is not an authorized user (step 110), 
the communication link LI will be disconnected and no 
digital certificate will be downloaded (step 106). 

It is to be appreciated that any conventional speech/ 
speaker recognition system may be employed by the present 
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invention. The present invention is not, in any way, limited specific financial card information to be used, the limit on 
to use with or dependent on any details or methodologies of the amount of allowed spending allowed over the lifetime of 
any particular speech/speaker recognition system which the temporary digital certificate and/or the period of time in 
may be employed. Preferably, the speaker recognition sys- which the temporary digital certificate will remain valid 
tem utilized by the central server 60 and the PDA device 10 5 (step 112). This information is received and processed by the 
in accordance with the present invention is the system which central server 60 and a digital certificate is then created and 
performs text-independent speaker verification and asks encoded with the user requested limitations (step 114). This 
random questions, i.e., a combination of speech recognition, digital certificate is then encrypted by the central server 60 
text independent speaker recognition and natural language and downloaded into the digital certificate processing mod- 
understanding using acoustic and non-acoustic models to 1Q ule 20 of the CPU 12 via the established communication link 
provide security from unauthorized access to a service/ LI (step 116). It is to be understood that the present 
facility (i.e., the central server 60) such as disclosed in U.S. invention may employ any known encryption technique or 
Ser. No. 08/871,784, filed on Jun. 11, 1997, and entitled: algorithm for the encryption/decryption process, such as 
"Apparatus And Methods For Speaker Verification/ those disclosed in "Applied Cryptography," by Bruce 
Identification/Classification Employing Non-Acoustic And/ , . Schenier, second edition, Wiley, 1996. The digital certificate 
Or Acoustic Models and Databases/' which is commonly 15 15 tn f^ s J tored , in ^ -memory 14 of the PDA device 10. With 
assigned to the assignee of the present invention and the a valld : dl § ltal j^^ate vthe user can then perform the local 

c u • L • • * l c operating mode ot the PDA device 10. 

disclosure of which is incorporated herein by reference. , . . , , , , . 

More particularly, the text-independent speaker verification 11 » to be appreciated that as demonstrated above, the 

system is preferably based on a frame-by frame feature , n ^ T ,™ y ft™ T " f k^ T 

i n j* i ttoo xt rto/non 20 addition to, or in lieu of, biometnc verification to obt am the 

classtfc^ necessary digital certificate from central server 60. 

471 filed on Jan. 28, 1997 and entitled: Text Independent Moreoverj the methods ^ closQd in me above-referenced 

Speaker Recognition for Transparent Command Ambiguity y s Ser No 0 8/873,079 may be utilized in the present 

Resolution And Contmuous Access Control," which is com- invention to remotely authenticate, reset or revoke the user's 

monly assigned to the present assignee and the disclosure of %s password, logons, PIN and/or encryption/decryption keys, 

which is also incorporated herein by reference. whereby the user may establish communication with the 

As explained in the above-incorporated reference U.S. central server 60 (via the PDA device 10) to request, e.g., a 

Ser. No. 08/871,784, text-independent speaker recognition is PIN change. 

preferred over text-dependant or text-prompted speaker rec- Referring now to FIGS. 1, 3 and 5, the local operating 

ognition because text independence allows the speaker rec- 30 mode of the present invention is now described. The local 

ognition function to be carried out in parallel with other mode of operation is commenced by the user selecting a 

speech recognition-based functions in a manner transparent pre -enrolled credit card that is stored in memory 14 (step 

to the caller. It is to be understood, however, the present 200). The selection process is preferably performed by voice 

invention can employ text-dependant or text-prompted activated commands (e.g., by stating into the microphone 18 

speaker verification. 35 "I want to use my American Express Card"). Such voice 

It is to be further appreciated that the automatic speech/ commands are then received by the CPU 12 and processed 

speaker recognition system disclosed in U.S. Ser. No. in the acoustic processor module 16. It is to be appreciated 

08/873,079, filed on Jun. 11, 1997, entided "Portable Acous- that any known command and control engine for speech 

tic Interface For Remote Access to Automatic Speech/ recognition may be employed in the present invention such 

Speaker Recognition Server," which is commonly assigned 40 as the commercially available large vocabulary IBM VIA- 

to the present assignee and the disclosure of which is VOICE GOLD system to perform the speech recognition 

incorporated herein, may preferably be employed in the functions in accordance with the present invention, 

present invention to provide for accurate speech recognition Alternatively, the desired card may be selected through 

communication in remote transactions between the PDA the user interface/display 34. The CPU 12 then searches the 

device 10 and the central server 60. 45 memory 14 for the desired information (step 202). If the card 

Particularly, as explained in above U.S. Ser. No. 08/873, was not previously stored in the PDA device 10 during the 

079, there are certain problems associated with remote enrollment process, the user will be prompted to select 

communications between a server/client systems utilizing another card (step 204). 

automatic speech/speaker recognition. Such problems If the requested card information is found in memory, 

include the loss of accuracy of data due to degradation of 50 biometric verification must be performed before the card 

voice data which is transmitted over a communication information can be written to the Universal Card 26. 

channel and the varied background noises at the user end Alternatively, as stated above, PIN or password verification 

which reduces the accuracy in speech recognition. Such by be performed in lieu of, or in addition to, biometric 

problems are remedied by preprocessing the speech signals verification. In the preferred embodiment of the present 

that are transmitted over the communication channel to the 55 invention using voice activated commands to select the 

server. Such pre-processing includes characterizing the desired card, the microphone 18 functions as a biometric 

acoustic features of the transmitting device, the sensor for receiving biometric voice data. This biometric 

environment, the speaker and the communication channel, voice data is then sent to the acoustic processor module 16 

whereby such information is then processed by the central wherein such data is processed (step 206) by comparing the 

server to set references, select appropriate decode models 60 current biometric voice data with the user's voice models 

and algorithms to recognize the speaker or decode the stored in memory 14. Although such verification may be 

speech by modeling the channel transfer function and the performed by any conventional method, the speaker verifi- 

background noise to reduce the word error rate of the speech cation methods disclosed in the above-referenced 

or to accurately perform speaker recognition. applications, U.S. Ser. Nos. 08/871,784 and 08/788,471 are 

Referring back to FIG. 4, if, on the other hand, the user is 65 preferably employed in the present invention, 
verified (step 110), the central server 60 will then prompt the In another embodiment of the present invention, a bio- 
user to provide certain transaction limitations such as the metric sensor 40 of any known type may be used in lieu of, 
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or in conjunction with the microphone, to collect biometric 
data to be processed by the biometric processor module 22 
using known techniques, e.g., finger, thumb or palm print 
data, handwriting data, a retinal vascular pattern data or a 
combination thereof. Again, in a further embodiment of the 5 
present invention, PIN or password verification may be 
utilized in lieu of, or in addition to such biometric verifica- 
tion techniques. 

After the biometric data is processed by the acoustic 
processing module 16 (when voice verification is utilized) or 10 
the biometric processor module 22 (when other biometric 
verification methods are used), or both, a determination is 
made as to whether the user is an authorized user (step 208). 
If the user is not verified, the selected card information will 
not be written to the Universal Card 26 (step 210). If the user 15 
is verified, the digital certificate (previously obtained in the 
client/server mode) is retrieved from memory 14 and loaded 
into the digital certificate processor module 20. The digital 
certificate processor module 20 processes the digital certifi- 
cate to determine whether the digital certificate is still valid 20 
(i.e., unexpired) and whether the use of the selected card has 
been prohibited or limited by the user requested limitations 
of such card during the client/server mode (step 212). If the 
digital certificate is not valid (i.e., expired), the selected card 
information will not be written to the Universal Card 26 25 
(step 210). 

If the digital certificate is valid (i.e., unexpired) the 
requested card information is then retrieved from memory 
14 and stored in the encrypter/decrypter module 24. The 
selected card information is then decrypted by- the 30 
encryption/decryption module 24 using an encryption key 
unique to the PDA device 10 (step 214). The decrypted card 
information is then sent to the smartcard reader/writer 30 
where it is then written to the Universal Card 26 (step 216). 
The Universal Card 26 is then removed from the smartcard 35 
reader/writer 30 and swept through the magnetic reading 
device of the transaction terminal 80 (FIG. 3) (step 218). The 
consumer transaction information is then sent to the proper 
financial institution 70 via communication link L4 (step 
220). 40 

In a more advanced transaction terminal 80, the Universal 
Card 26 may be overwritten with a receipt of the transaction 
by the POS or ATM transaction terminal 80 (step 222). With 
this feature, the user can keep an accounting of his or her 45 
transactions by inserting the Universal Card 26 into the 
smartcard reader/writer 30 and then loading the receipt 
information into the memory 14 of the PDA device 10 (step 
224). The user can subsequently transfer such information to 
a personal computer containing accounting software such as 5Q 
the software sold under the tradename QUICKEN. 

Advantageously, the present invention is immediately 
employable with the current infrastructure since the Univer- 
sal Card 26 is compatible with all credit card and/or smart- 
card electronic fund transfer systems (e.g., systems that 55 
process ATM cards, debit cards, credit cards, access control 
cards, calling cards and/or service cards). 

It is to be appreciated that the present invention may be 
used to store and access personal information such as 
medical, financial information and other confidential infor- 60 
mation which may be accessed and written to the Universal 
Card 26 or displayed on the user interface/display 34 
(assuming a valid digital certificate and local user 
verification). For example, medical doctors with special 
smartcards can access certain medical information from the 65 
PDA device of a patient (upon patient verification) by 
writing such information to the smartcard via the smartcard 
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reader/writer of the PDA device 10. Alternatively, such 
information may be transferred by wireless communication 
between the PDA device of the patient and the PDA device 
of the doctor. 

It is to be further appreciated that the invention may 
interact with electronic fund transfer systems or transaction 
terminals having wireless or direct communication capabili- 
ties without even having to use the Universal Card 26. 
Specifically, as demonstrated by the dotted fines in FIG. 5, 
the consumer transaction may be performed by transmitting 
the selected card information directly from the PDA device 
to the ATM or POS transaction terminal through an estab- 
lished communication link L2 (step 228, FIG. 3) (i.e., via the 
serial port 42, the parallel port 44 modem 42, the IR port 54 
or the RF port 50), rather than retrieving and writing card 
information to the Universal Card 26. Further, a receipt of 
the transaction can be directly transmitted to the PDA device 
10 through the communication link L2 (step 230). It is to be 
understood that in this embodiment, the CPU 12 of the PDA 
device 10 will prohibit the selected card information from 
being retrieved and transmitted to the transaction terminal 
80 if the user is not biometrically verified and/or if the digital 
certificate is not valid (step 226). In this particular embodi- 
ment of the present invention, the PDA device 10 itself 
actually takes the place of the Universal Card 26 and, 
consequently, eliminates the need of having to first write the 
selected card information to the Universal Card 26 and then 
sweep the Universal Card 26 through the magnetic reader of 
the POS or ATM transaction terminal. 

Advantageously, the present invention provides biometric 
security for transactions that do not involve electronic data 
transfer such as transactions that are processed with tradi- 
tional mechanical credit card sweepers or transactions that 
are performed remotely over the telephone. In such 
situations, a merchant can confirm that the user passed local 
verification by using the unique Universal Card number 27 
(FIG. 2) together with an authorization number which is 
based on the current valid digital certificate and generated 
upon user verification. 

By way of example, referring to FIG. 6, a flow diagram 
illustrating the local mode of the PDA device 10 during a 
remote (or mechanical sweeper) consumer transaction is 
shown. When operating the PDA device 10 in the local 
mode, if the user is biometrically verified (step 308) and the 
PDA device 10 contains an unexpired digital certificate (step 
310), the selected card information is retrieved from 
memory 14 and decrypted (step 314). The desired credit card 
information, as well as an authorization number, is then 
displayed on the user interface/display 34 (step 316). This 
information can then be verbally communicated to the 
merchant in order to process the transaction. If the user is not 
biometrically verified, or if the PDA device 10 contains an 
expired digital certificate, the selected card information and 
authorization number will not be displayed, (step 312). 

The merchant can verify that local verification of the user 
has been properly obtained by establishing a communication 
link L3 (FIG. 3) with the central server 60. If the selected 
card information corresponds to a credit card that was 
previously enrolled (i.e., registered) with the service pro- 
vider of the PDAR device 10 and Universal Card 26, upon 
transmitting the selected card information to the financial 
institution (or calling such institution to confirm the validity 
of the credit card), the merchant will be requested to provide 
the authorization number (which is generated upon user 
verification), in addition to the expiration date of the credit 
card. The merchant will then transmit the Universal Card 
number 27 and the displayed authorization number to the 
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central server 60. Since the authorization number is a The present invention has heretofore been illustrated as a 

function of the unexpired digital certificate that was obtained separate portable device. It is to be understood by one of 

from the central server 60 in the client/server mode, the ordinary skill in the art that the configuration of the present 

central server 60 inform the merchant that the user was invention may be embedded in other CPU based systems 

properly verified (step 318). 5 such as a cellular phone, a portable laptop, a network 

It is to be appreciated that local verification may also be computer (NC), or a PC having built in the components of 

performed by signature verification, whereby a digitized the above described PDA device 10. For example, a portable 

image of the user's valid signature is displayed on the user laptop having the smartcard reader/writer 30 of the PDA 

interface/display 34 using known techniques so that a mer- device 10 may be directly connected to the central server 60 

chant can compare the digitized signature on the screen to 1Q through a modem or through an internet server by protocols 

the user's written signature to provide further authentication. such as TCP/IP to download a valid digital certificate. 
Further, the present invention may utilize any conventional Moreover, the functions and components of the PDA 

pressure sensitive display wherein the user of the PDA device 10 may 5e 5uilt imo a c^ar pnone) whereby 

device 10 may sign his or her signature on the display, which communication with the central server 60 may be achieved 

is then processed and compared with an authentic digitized ^ h a communicatioD channelj which may be 

signature stored m the memory 14 of the PDA device 10. An ^ of ( c GSM, etc.). 

example of such technique is disclosed, for example, in w . , 0 . , . in- 

"Automatic On-Une Signature Verification," by Vic Nalwa, 11 15 to be appreciated by one of ordinary skill in the art 

Proc. IEEE, pp. 215-239, February, 1997. ^at a special ATM, kwsk or POS terminal can be employed 

It is to be further appreciated that the PDA device 10 and t0 P'*™ the methods and functions of the present inven- 

system of the present invention can be configured to afford 20 tion in lieu of the actual PDA device, thereby eliminating the 

an additional level of security for user verification, whereby need to physically posses the PDA device 10. For instance, 

the financial institution (e.g., credit card company) can a smartcard having a valid digital certificate and the user's 

verify the identity of the consumer during a purchase verification data (e.g, biometric data (voice print), PIN 

transaction. Specifically, during a consumer transaction, and/or password) and card information stored thereon may 

upon local verification (biometric, PIN and/or password) 25 be inserted into the ATM, kiosk or POS terminal, which are 

and assuming, of course, that a valid digital certificate was be equipped with biometric sensors such as a microphone, 

previously downloaded from the central server 60, the PDA The ATM can then verify the user biometrically or via PIN 

device 10 can be programmed to download the selected card or password. Assuming the digital certificate is valid, the 

information in encrypted form to the Universal Card 26, as ATM can then initialize the smartcard which may then be 

well as an encrypted file containing unique identifying 30 used to perform, for example, a purchase transaction. The 

information pertaining to the consumer including, but not smartcard may then be used for the duration of the validity 

limited to, such as the consumer's name and account number of the digital certificate (i.e., until the digital certificate 

(issued by the service provider of the PDA device 10 and expires) or until another card is loaded. In this embodiment, 

Universal Card 26). The selected card information, as well the smartcard can be used for only a limited amount of 

as the encrypted information file, would be transmitted to the 35 transactions. The digital certificate may be downloaded to 

POS terminal (via the Universal Card, RF or IR) and then the smartcard by any method analogous to the PIN mainte- 

transmitted in encrypted form direcdy to the processing nance techniques disclosed in the above incorporated U.S. 

financial institution together with the purchase details. Ser. No. 08/873,079, "Portable Acoustic Interface For 

Similarly, for purchase transactions with remote services Remote Access to Automatic Speech/Speaker Recognition 

(e.g. via the internet with a merchant's Web site), the 40 Server." For example, the user may establish a communi- 

selected card information in encrypted form, as well as the cation link with the central server 60 service provider 

encrypted user information, would be transmitted via through a personal computer having a smartcard reader, 

modem (TCP/IP) to the remote service (i.e., Web site) and whereby a valid digital certificate may be download onto the 

then transmitted in encrypted form to the financial institu- smartcard after the user provides verification information 

tion. It is to be appreciated that the encrypted information 45 such as user ID, PIN, smartcard serial number, and/or 

may be transmitted to the merchant's Web site either direcdy biometric data. 

from the modem 58 of the PDA device 10, or by download- it is to be further appreciated that the PDA device 10 of 

ing such information to the Universal Card 26, which is then the present invention may be used as a personal credit card 

read and transmitted by a PC equipped with a smartcard center whereby funds may be directly transferred between 

reader and a modem. 50 individuals having such PDA devices via credit cards or 

Next, assuming the credit card was previously enrolled debit cards. For example, assume that User A owes User B 

with the service provider, the processing financial institution a certain amount of money. User A will perform local 

would posses the requisite key (provided by the service verification (assuming that user A has a valid digital 

provider upon enrollment) to decode (i.e., decrypt) the certificate) to download selected credit card or debit card 

transmitted information to verify the identity of the user. 55 information to User A's Universal Card. User A will then 

Consequently, the processing financial institution would provide User B with the Universal Card which is then 

provide an authorization number for the transaction to the inserted into the smartcard reader/writer 30 of the PDA 

merchant if the consumer was verified or, on the other hand, device 10 of User B. User B then selects the amount of 

deny the transaction and inform the merchant if the con- money to be transferred (i.e., debited) from the Universal 

sumer is not authorized to use the selected card. 60 Card (i.e., selected credit card) to any one of User B's 

Alternatively, the PDA device 10 can be programmed to enrolled financial accounts (e.g., credit card accounts). User 

download a copy of the valid temporary digital certificate in B then obtains the authorization number produced by the 

encrypted form (as well as the selected card information in PDA device of User A upon local verification, and enters 

encrypted form) to the Universal Card 26, whereby the such number into the PDA device of User B. Of course, the 

digital certificate containing the requisite information to 65 above procedure may be performed directly (e.g., via IR 

identify the user would be transmitted (with the selected communication) instead of physically exchanging the Uni- 

card information) to the corresponding financial institution. versa! Card. 
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To prevent fraudulent transactions, the authorization num- 
ber produced by the PDA device of User A must be inputted 
into the PDA device of User B after the amount of the 
transaction is entered into the PDA device of User B and 
verified by User A. In other words, the PDA device of User 
B must be configured such that the authorization number 
from User A will not be accepted by the PDA device of User 
B unless the amount of the transaction is first entered into the 
PDA device of User B. Moreover, the PDA device of User 
B must be configured such that the authorization number of 
User A entered into the PDA device of User B is valid for 
only one transaction (i.e., one amount of money entered into 
the PDA device of User B), whereby the entire process must 
be subsequently repeated for each additional transaction 
between User A and User B. Alternatively, to prevent fraud, 
the PDA device of User A may be configured such that the 
authorization number produced by the PDA device of User 
A contains the amount of money to be transferred to the 
account of User B in an encrypted or, otherwise, hidden form 
so that User B cannot access and manipulate such amount. 

After entering User A's authorization number, User B will 
establish a communication link with the service provider to 
verify that the authorization number corresponds to User A* s 
unique Universal Card number and then have the funds 
transferred to User B's selected account (assuming the 
account is registered with the service provider). 

One of ordinary skill in the art can envision various 
methods for implementing the present invention for com- 
municating the selected card information. For instance, in 
the near future, information may be communicated between 
individuals and systems via personal area network (PAN) 
which links special electronic devices having a transceiver 
and CPU carried on the individuals using human conduc- 
tivity. Such concept may be employed in the present inven- 
tion whereby the selected card information is transferred 
upon human contact (e.g., shaking hands) rather than being 
transferred through a magnetic or smartcard or wireless 
communication. Specifically, the present invention may be 
embedded into the CPU of a PAN device whereby selected 
card information may be transmitted to receiving devices 
such as ATM's and POS terminals which are equipped with 
the requisite software and hardware to support PAN data 
exchange. 

Although the illustrative embodiments of the present 
invention have been described herein with reference to the 
accompanying drawings, it is to be understood that the 
invention is not limited to those precise embodiments, and 
that various other changes and modifications may be 
affected therein by one skilled in the art without departing 
from the scope or spirit of the invention. All such changes 
and modifications are intended to be included within the 
scope of the invention as defined by the appended claims. 

What is claimed is: 

1. A portable information and transaction processing 
device, comprising: 

a central processing unit; 

a memory device, operatively coupled to said central 
processing unit, for storing transaction information 
comprising one of financial information, personal 
information, and a combination thereof; 

communication means for establishing a communication 
link with a central server of a service provider, disposed 
at a remote location, to download a temporary digital 
certificate issued by said service provider; 

a user interface, operatively coupled to said central pro- 
cessing unit, for selecting at least a portion of said 
transaction information; 
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a card reader; 

a universal card having a unique card number designated 
to a subscribing user of said service provider, wherein 
the universal card is inserted into said card reader to 
receive said selected portion of said transaction infor- 
mation; and 

programming means, executable by said central process- 
ing unit, for determining if said temporary digital 
certificate is valid, for writing said selected portion of 
said transaction information to said universal card if 
said temporary digital certificate is deemed valid, and 
for preventing said selected portion of said transaction 
information from being written to said universal card 
when said temporary digital certificate is deemed 
invalid. 

2. The device according to claim 1, further comprising 
verification means for verifying if a user of said device is an 
authorized user and wherein said programming means com- 
prises means for preventing said selected portion of said 
transaction information from being written to said universal 
card if the user of said device is not verified. 

3. The device according to claim 2, wherein said verifi- 
cation means includes one of biometric verification means, 
PIN (personal identification number) verification means, and 
a combination thereof. 

4. The device according to claim 3, wherein said biomet- 
ric verification means includes: biometric sensor means for 
receiving biometric data from a user of said device; and 
biometric processing means for processing said biometric 
data to determine if said user of said device is an authorized 
user. 

5. The device according to claim 4, wherein said biomet- 
ric data is derived from one of a finger, thumb or palm print, 
a voice print, a handwriting sample and a retinal vascular 
patter and a combination thereof. 

6. The device according to claim 4, wherein said biomet- 
ric verification means performs speaker verification and said 
biometric data is voice data. 

7. The device according to claim 6, wherein said speaker 
verification is text-independent speaker verification. 

8. The device according to claim 1, further comprising 
encrypting/decrypting means, operatively coupled to said 
central processing unit, for encrypting said transaction infor- 
mation prior to said transaction information being stored in 
said memory device and for decrypting said selected portion 
of said transaction information. 

9. The device according to claim 1, further comprising 
speech recognition means, operatively coupled to said cen- 
tral processing unit, for processing voice commands from an 
authorized user of said device. 

10. The device of claim 1, wherein the temporary digital 
certificate includes one of an expiration date, the unique card 
number of the universal card, transaction limitation data, and 
a combination thereof. 

11. An information and transaction processing system, 
comprising: 

a central server associated with a service provider of a 

subscribing user; 
a transaction terminal; and 
a portable communication device comprising: 

a central processing unit; 

a memory device, operatively coupled to said central 
processing unit, for storing transaction information 
comprising one of financial information, personal 
information, and a combination thereof; 

communication means for establishing a communica- 
tion link with said central server to download a 
temporary digital certificate from said central server; 
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a user interface, operatively coupled to said central 
processing unit, for selecting at least a portion of said 
stored transaction information; 

a card reader; 

a universal card having a unique card number desig- 
nated to the subscribing user by said service 
provider, which is inserted in said card reader to 
receive said selected portion of said transaction 
information; and 
programming means, executable by said central pro- 
cessing unit, for determining if said temporary digi- 
tal certificate is valid, for writing said selected por- 
tion of the transaction information to said universal 
card if said temporary digital certificate is deemed 
valid, and for preventing said selected portion of the 
transaction information from being written to said 
universal card if said temporary digital certificate is 
deemed invalid; 
whereby said universal card is presented to said transac- 
tion terminal for initiating a user-desired transaction if 20 
said selected transaction information is written to said 
universal card. 

12. The system of claim 11, wherein said central server 
comprises verification means for receiving and processing 
verification data of a user of said portable device, which is 25 
transmitted from said portable device, to verify if the user of 
said portable device is a subscribing user, whereby said 
digital certificate is transmitted to said portable device only 

if said user is verified. 

13. The system of claim 11, wherein said portable com- 
munication device further comprises verification means for 
verifying if a user of said portable communication device is 
authorized to use said portable communication device, and 
wherein said programming means comprises means for 
preventing said selected transaction information from being 
written to said universal card if the user of said portable 
communication device is not verified. 

14. A method for performing an electronic transaction, 
comprising the steps of: 

using a portable communication device to establish a 
communication link with a central server of a service 
provider; 

verifying, by the central server, the identity of a user of the 
portable communication device to determine if the user 
is a subscribing user of the service provider; 

downloading a temporary digital certificate from the 
central server to the portable communication device, 
the temporary digital certificate being issued by the 
service provider if the user is verified as a subscribing 
user; 

selecting, by the user of said portable communication 
device, desired transaction information stored in the 
device to perform an electronic transaction; 

verifying, by the portable communication device, if the 
user is an authorized user of said device; 

determining, by the portable communication device, if the 
downloaded temporary digital certificate is valid; and 
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providing the selected transaction information to an elec- 
tronic transaction terminal to perform an electronic 
transaction, if the user is deemed an authorized user and 
the temporary digital certificate is deemed valid. 

15. The method of claim 14, wherein the step of providing 
the selected transaction information to an electronic trans- 
action terminal comprises the steps of: 

retrieving said selected transaction information stored in 

said portable device; 
decoding the selected transaction information using a key 

from the temporary digital certificate; 
establishing a transaction communication link with said 

electronic transaction terminal; and 
transmitting said decoded transaction information over 

said transaction communication link to said electronic 

transaction terminal. 

16. The method of claim 14, wherein the step of providing 
the selected transaction information to an electronic trans- 
action terminal comprises the steps of: 

retrieving said selected transaction information stored in 
said portable device; 

decoding the selected transaction information using a key 

from the temporary digital certificate; 
writing the decoded transaction information to a universal 

card in a card reader of the portable device; and 

providing the universal card with the decoded transaction 
information to the electronic transaction terminal. 

17. The method of claim 14, further comprising the steps 
of: 

generating an authorization number associated with the 
temporary digital certificate; and 

verifying the transaction by the transaction terminal, 
wherein the step of verifying the transaction comprises 
the steps of establishing a communication link with the 
central server by the electronic transaction terminal, 
and transmitting the authorization number and an 
account number of said subscribing user to said central 
server. 

18. The method of claim 14, wherein the temporary digital 
certificate includes one of an expiration date, an account 
number of the subscribing user, transaction limitation data, 
and a combination thereof. 

19. The method of claim 18, wherein one of the expiration 
date, transaction limitation data, and a combination thereof, 
of the temporary digital certificate is selected by the user of 
said portable communication device, if the user is verified by 
the central server as a subscribing user. 

20. The method of claim 14, wherein the steps of veri- 
fying by the central server and the portable communication 
device are performed using one of biometric verification, 
PIN (personal identification number) verification, and a 
combination thereof. 
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